Privacy Policy

Last updated: April 3, 2026

1. Introduction

DueMatch (“we,” “us,” or “our”) operates the duematch.com website and related services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (stored in hashed form).

Eligibility Profile

When you complete our eligibility quiz, we collect information about your state of residence, age range, brands you have purchased from, services you have used, devices you own, software subscriptions, financial accounts, insurance providers, data breach exposure, and employer history. This information is used solely to match you with relevant class action settlements.

Usage Data

We automatically collect certain information when you access our service, including your IP address, browser type, operating system, referring URLs, pages visited, and timestamps. This data helps us improve performance and diagnose issues.

Cookies

We use a session cookie (ss_session) to maintain your authenticated session. We do not use third-party tracking cookies or advertising cookies.

3. How We Use Your Information

  • To match you with class action settlements you may qualify for
  • To provide AI-powered settlement analysis and chat assistance
  • To manage your account, process subscription payments, and provide customer support
  • To send service-related communications (account verification, settlement alerts, billing notices)
  • To improve, maintain, and monitor the performance of our service
  • To detect, prevent, and address fraud or security issues

4. Information Sharing

We do not sell, rent, or trade your personal information. We may share information with:

  • Service providers: Third-party services that help us operate our platform (hosting, database, payment processing, AI services). These providers are contractually obligated to protect your data.
  • Legal compliance: When required by law, court order, or governmental authority.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

We never share your eligibility profile data with settlement administrators, law firms, or claims processors without your explicit consent.

5. Data Storage and Security

Your data is stored on secure servers provided by Supabase (PostgreSQL) and hosted within the United States. We use encryption in transit (TLS/HTTPS) and at rest. Passwords are hashed using industry-standard algorithms. Session tokens are signed with HMAC-SHA256.

While we implement commercially reasonable security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your account and profile data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention, billing records).

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access, correct, or delete your personal data
  • Object to or restrict processing of your data
  • Data portability (receive your data in a structured format)
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

To exercise any of these rights, contact us at privacy@duematch.com.

8. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information.

9. Children's Privacy

Our service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 18, we will take steps to delete that information.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised “Last updated” date. Your continued use of the service after changes are posted constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:
privacy@duematch.com